Certified Information Privacy Professional (CIPP) Practice Questions 2026 – All-in-One Guide to Exam Success!

The correct answer is that companies must assist law enforcement with decrypting customer data is NOT a requirement under the Communications Assistance for Law Enforcement Act (CALEA).

CALEA primarily focuses on ensuring that telecommunications carriers and certain other service providers support lawful interception of communications when authorized by law enforcement. This includes ensuring that the companies can provide access to their communications systems to facilitate surveillance activities, but it does not mandate that they assist in decrypting encrypted communications. This distinction is significant because the act respects the technical complexities and legal implications of encryption, leaving companies with discretion on how to handle encrypted data.

The other options reflect requirements and expectations that CALEA imposes on service providers. For instance, ensuring accessibility for law enforcement is fundamental to the act, as it aims to guarantee that law enforcement can monitor critical communications after obtaining proper legal authorizations. Similarly, preventing the collection of unrelated private information and implementing confidentiality controls during investigations are consistent with the act's focus on balancing law enforcement needs with privacy rights. Thus, option D stands out because it misrepresents the expectations set by CALEA regarding the obligations of service providers in relation to encrypted data.